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DETAILED ACTION 

1 . Claims 1 -20 are pending. 

2. This office action is in reply to an amendnnent filed on August 24, 2007. Claims 1-20 have been 
amended. 

Response to Amendment 

3. Applicant's arguments with respect to claims 1-20 have been considered but are moot in view of 
the new ground{s) of rejection. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

5. Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Howard et a! 
(Howard), US Pub. No. 2002/0069365, and further in view of Wu, US Pub. No. 2004/0205396. 

As per claim 1, Howard discloses: 

Systems for secure Hypertext Markup Language (HTML) links, (page 6, paragraph 67, "If the 
client computer is running the limited-use browiser/module. the server system generates a secure HTML"). 

A protocol encryption tool operable to associate encrypted protocols with HTML links, (page 7. 
paragraph 73, "The client system receives the requested content from the server system as either 
encrypted HTML content or secured document package"). 
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Each protocol associated with a restricted browser function; (page 6. paragraph 67, "the server 
system generates a secure HTML page corresponding to the requested content and sends the page to 
the client system"). 

An editor operable to publish an HTML link and associated encrypted protocol in a web page 
(page 1 , paragraph 1 5, "a limited-use web browser and related security system allows providers of text 
and images or other content to publish content on a local-area network (LAN) or vyide-area network 
(WAN), such as world wide web (web) and the Internet"), where HTML is one way of creating a web page, 
"publish the content" inherently including "an editor operable to publish". 

A browser operable to display the web page and HTML link (page 1-2, paragraph 15, "reads and 
displays any viewable web content including text, images, and streaming audio and video"). 

The browser having one or more restricted function, (page 6, paragraph 62, "A secure document 
package is composed of a document manager and one or more web pages"), where the web pages can 
be a restricted function. 

Each restricted function requiring at least selection of an HTML link (page 6, paragraph 67, "the 
server system generates a secure HTML page corresponding to the requested content and sends the 
page to the client system"). 

A function confirmation before the browser executes the function (page 4, paragraph 42, "When 
the user request 313 is received by the server computer 301, the server component 302 determines if a 
client key is associated with the request If the key 314 in not present, the request is immediately 
rejected.") 

A protocol decryption engine interfaced with the browser, the protocol decryption engine operable 
to decrypt the encrypted protocol associated with the html link and authorize execution of the associated 
restricted browser function without the function confirmation. (Page 4, paragraph 45, "When a document 
is secured using the common security model, the server component 302 encrypts the document prior to 
downloading it, and the limited user browser 312 decrypts the data for viewing only.") 
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Howard does not explicitly discloses, the confirm9tion function. However, on the same field of 
endeavor, Wu teach this limitation as, (page 4, paragraph 43, "FIG. 7 shows the process of the resident 
program in the PC mode according to the embodiment of the present invention. First, in step S701, the 
resident program checks the status of the mode control 320. If the status has not been changed (No in 
step S702), or has been changed but remains in the PC mode, the flow returns to step S701 . If the status 
has been changed to a selected sub-mode (No in step S703), in step S704, the resident program displays 
a confirmation window and waits for confirmation. If a confirmation signal is received through the 
confirmation window (Yes in step S705), in step S706, the resident program reboots the computer system 
100. Otherwise, the flow returns to step S701."). 

Therefore, it would have been obvious to one of ordinary skill in the art, at the time of the 
invention was made, to modify the teaching of Howard and include the above limitation using the teaching 
of Wu. The modification would be obvious because one of brdinary skill in the art would be motivated to 
add the above limitation to clearly inform the user about the link that he/she about to open. 

As per claim 2, Howard discloses: 

The restricted browser function comprises a command to execute a binary. (Page 9, paragraph 
96, "a delivery object 701 which is the DLL binary for the document manager"). Moreover 
(page 4, paragraph 36, "The file management system is typically stored in the mass memory 215 and 
cause the processor 205 to execute the various steps required by the operating system"). 

As per claim 3, Howard discloses: 

The restricted browser function comprises a command to save a binary. (Page .9, paragraph 96, 
"a delivery object 701 which is the DLL binary for the document manager"). Moreover 
(page 4, paragraph 36, "The file management system is typically stored in the mass memory 215 and 
cause the processor 205 to execute the various steps required by the operating system to input and 
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output data and to store data in memory, including storing files on the mass memory 215."), where saving 
a file means storing a file. 

As per claim 4, Howard discloses: 

The restricted browser function comprises a command to execute a script. (Page 2, paragraph 
28, "Any format that can be displayed via the internet, such as web graphic, common gateway interface 
(CGI) scripts, JAVA scripts"), where displaying a script means executing a script 

As per claim 5, Howard discloses: 

The restricted browser function comprises a command to save a script. (Page 4, paragraph 36, 
"The file management system is typically stored in the mass memory 215 and cause the processor 205 to 
execute the various steps required by the operating system to input and output data and to store data in 
memory, including storing files on the mass memory 215.") 

As per claim 6. Howard discloses: 

A protocol filter associated with the browser and operable to preprocess plural encrypted 
protocols upon retrieval of the web page by the browser, (Page 8, paragraph 86, "The server security 
component filters web client authentication, and web server request and response events"). Further 
Howard discloses (Page 6, paragraph 68, "Each document to be protected under the common security 
model (block 425) is marked for later encryption with the system level encryption key (SLE)"). 

As per claim 7, Howard discloses: 

The protocol encryption tool comprises a private key for encryption of protocols. (Page 6, 
paragraph 68, "Each document to be protected under the common security model (block 425) is marked 
for later encryption with the system level encryption key (SLE)"). 
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As per claim 8. Howard discloses: 

Protocol decryption engine comprises a public key. (Page 6, paragraph 62, "to decrypt the 
package, it is necessary to know where to break up the individual pages before attempting the decrypt the 
file and even then encryption makes the content unusable to anyone but the owner of the machine with 
the client registered with the unique ULE key.") 

As per claim 9. Howard discloses: 

A method for secure HTML links, (page 6, paragraph 67. "the server system generates a secure 

HTML"). 

Encrypting a proto.col associated with a restricted browser function; (page 7, paragraph 73, "The 
client system receives the requested content from the server system as either encrypted HTML content or 
secured document package"). Moreover, (page 6, paragraph 67, "the server system generates a secure 
HTML page corresponding to the requested content and sends the page to the client system"). 

Publishing the encrypted protocol in an HTML framework to associate with an HTML link that 
executes the restricted browser function; (page 1, paragraph 15, "a limited-use web browser and related 
security system allows providers of text and images or other content to publish content on a local-area 
network (LAN) or wide-area network (WAN), such as world wide web (web) and the Internet"), where 
HTML is one way of creating a web page. 

Displaying the HTML framework through a browser, (page 1-2, paragraph 15, "reads and displays 
any viewable web content including text, images, and streaming audio and video"). 

The browser restricting execution of restricted functions by requiting a distinct confirmation before 
execution of the restricted function; (page 4, paragraph 42, "When the user request 313 is received by the 
server computer 301, the server component 302 determines if a client key is associated with the request. 
If the key 314 in not present, the request is immediately rejected.") 

Decrypting the encrypted protocol at the browser; and authorizing execution of the restricted 
function without the distinct confirmation. (Page 4, paragraph 45, "When a document is secured using the 
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common security model, the server component 302 encrypts the document prior to downloading it. and 
the limited user browser 312 decrypts the data for viewing only.") 

Howard does not explicitly discloses, the confirmation function. However, on the same field of 
endeavor. Wu teach this limitation as. (page 4, paragraph 43, "FIG. 7 shows the process of the resident 
program in the PC mode according to the embodiment of the present invention. First, in step S701. the 
resident program checks the status of the mode control 320. If the status has not been changed (No in 
step S702), or has been changed but remains in the PC mode, the flow returns to step S701. If the status 
has been changed to a selected sub-mode (No in step S703), in step S704, the resident program displays 
a confirmation window and waits for confirmation. If a confirmation signal is received through the 
confirmation window (Yes in step S705), in step S706, the resident program reboots the computer system 
100. Otherwise, the flow returns to step S701."). 

Therefore, it would have been obvious to one of ordinary skill in the art, at the time of the 
invention was made, to modify the teaching of Howard and include the above limitation using the teaching 
of Wu. The modification would be obvious because one of ordinary skill in the art would be motivated to 
add the above limitation to clearly inform the user about the link that he/she about to open. 

As per claim 10. Howard discloses: 

Encrypting a protocol further comprises encrypting the protocol with a private key. (Page 6. 
paragraph 68. "Each document to be protected under the common security model (block 425) is marked 
for later encryption with the system level encryption key (SLE)"), 

As per claim 1 1 , Howard discloses: 

Decrypting the protocol further comprises decrypting the protocol with a public key. (Page 6, 
paragraph 62, "to decrypt the package, it is necessary to know where to break up the individual pages 
before attempting the decrypt the file and even then encryption makes the content unusable to anyone 
but the owner of the machine with the client registered with the unique ULE key.") 
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As per claim 12, Howard discloses: 

Authorizing execution of restricted function further comprises authorizing execution of a binary by 
the browser. (Page 9. paragraph 96, "a delivery object 701 which is the DLL binary for the document 
manager"). Moreover (page 4, paragraph 36, "The file management system is typically stored in the mass 
memory 215 and cause the processor 205 to execute the various steps required by the operating 
system"). 

As per claim 13, Howard discloses: 

Authorizing execution of the restricted function further comprises authorizing saving of a binary by 
the browser. (Page 9. paragraph 96, "a delivery object 701 which is the DLL binary for the document 
manager"). Moreover (page 4, paragraph 36, "The file management system is typically stored in the mass 
memory 215 and cause the processor 205 to execute the various steps required by the operating system 
to input and output data and to store data in memory, including storing files on the mass memory 215."), 
where saving a file means storing a file. 

As per claim 14, Howard discloses: 

Authorizing execution of the restricted function further comprises authorizing execution of a script 
by the browser. (Page 2, paragraph 28, "Any format that can be displayed via the internet, such as web 
graphic, common gateway interface (CGI) scripts, JAVA scripts"), where displaying a script means 
executing a script. 

As per claim 15, Howard discloses: 

Authorizing execution of the restricted function further comprises authorizing saving of a script by 
the browser. (Page 4, paragraph 36, "The file management system is typically stored in the mass memory 



Application/Control Number: Page 9 

10/777,600 

Art Unit: 2139 

215 and cause the processor 205 to execute the various steps required by the operating system to input 
and output data and to store data in memory, including storing files on the mass memory 215.") 



As per claim 16, Howard discloses: 

Preprocessing of plural encrypted protocols substantially upon loading of the HTML framework to 
the browser. (Page 6, paragraph 68, "Each document to be protected under the common security model 
(block 425) is marked for later encryption with the system level encryption key (SLE)"). 

As per claim 17, Howard discloses: 

The distinct confirmation comprises a window displayed upon user selection of an HTML link 
associated with a restricted function, the window requiring at least one addition input by the user before 
execution of the restricted function, (page 1-2, paragraph 15, "reads and displays any viewable web 
content including text, images, and streaming audio and video"). 

As per claim 18, Howard discloses: 

An information handling system comprising: (page 1, paragraph 11, "secure information 
distribution system") 

A browser operable to retrieve and display a HTML link associated with a restricted function, 
(page 7, paragraph 73, "The client system receives the requested content from the server system as 
either encrypted HTML content or secured document package"). 

The browser requiring a distinct confirmation of a selection of the HTML link before execution of 
the restricted function; (page 4, paragraph 42. "When the user request 313 is received by the server 
computer 301, the server component 302 determines if a client key is associated with the request. If the 
key 314 in not present, the request is immediately rejected.") 

An encrypted protocol associated with the HTML link; (page 6, paragraph 60, "The HTML source 
code is encrypted by the server digital processing system using a system level encryption (SLE) key.") 
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A protocol decryption engine interfaced with tlie browser and operable to override the distinct 
confirmation requirennent upon decryption and validation of the encrypted protocol. (Page 4, paragraph 
45, "When a document is secured using the common security model, the server component 302 encrypts 
the document prior to downloading it, and the limited user browser 312 decrypts the data for viewing 
only"). Further Howard discloses, (page 4, paragraph 42, "When the user request 313 is received by the 
server computer 301, the server component 302 determines if a client key is associated with the request. 
If the key 314 in not present, the request is immediately rejected.") 

Howard does not explicitly discloses, the confirmation function. However, on the same field of 
endeavor, Wu teach this limitation as, (page 4, paragraph 43, "FIG. 7 shows the process of the resident 
program in the PC mode according to the embodiment of the present invention. First, in step S701, the 
resident program checks the status of the mode control 320. If the status has not been changed (No in 
step S702), or has been changed but remains in the PC mode, the flow returns to step S701 . If the status 
has been changed to a selected sub-mode (No in step S703), in step S704, the resident program displays 
a confirmation window and waits for confirmation. If a confirmation signal is received through the 
confirmation window (Yes in step S705), in step S706. the resident program reboots the computer system 
100. Otherwise, the flow returns to step S701."). 

Therefore, it would have been obvious to one of ordinary skill in the art, at the time of the 
invention was made, to modify the teaching of Howard and include the above limitation using the teaching 
of Wu. The modification would be obvious because one of ordinary skill in the art would be motivated to 
add the above limitation to clearly inform the user about the link that he/she about to open. 

As per claim 19, Howard discloses: 

Browser is further operable to retrieve a web page having plural encrypted protocols, (page 6, 
paragraph 62, "A secure document package is composed of a document manager and one or more web 
pages, each of which is encrypted with the ULE.") 
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The information handling system further comprising, (page 1, paragraph 11, "secure information 
distribution system") 

A protocol filter interfaced with the browser and operable to identify the plural encrypted protocols 
for decrypting by the protocol decryption engine. (Page 8, paragraph 86, "The server security component 
filters web client authentication, and web server request and response events"). Further Howard discloses 
(Page 6, paragraph 68, "Each document to be protected under the common security model (block 425) is 
marked for later encryption with the system level encryption key (SLE)"). 

As per claim 20, Howard discloses: 

A protocol database interfaced with the protocol decryption engine and having a table of protocols 
and associated restricted functions, (Page 6, paragraph 62, "to decrypt the package, it is necessary to 
know where to break up the individual pages before attempting the decrypt the file and even then 
encryption makes the content unusable to anyone but the owner of the machine with the client registered 
with the unique ULE key.") 

Conclusion 

6. The prior art made or record and not relied upon is considered pertinent to applicant's disclosure 
TITLE: Automated on-line information service and directory, particularly for the world wide web, US- 
6,324.538. 

TITLE: Object-based on-line transaction infrastructure, US-6,757,710. 

TITLE: Method and system for controlling access, by an authentication server, to protected computer 

resources provided via an Internet protocol network, US Pub. No. 2003/0046589. 

TITLE: System and method for carrying out information-related transactions using web documents 

embodying transaction enabling applets automatically launched and executed in response to reading 

URL-encoded symbols pointing thereto, US Pub. No. 2004/0046014. 

TITLE: System and method for network operation, US Pub. No. 2003/0233541. 
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Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Teshome Hailu whose telephone number is (571) 270-3159. The examiner can normally 
be reached on Mon-Fri 7:30a.m. to 5:00p.m. PST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Ayaz 
R. Sheikh can be reached on (571) 272-3795. The fax phone number for the organization where this 
application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative 
or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 
1000. 

Teshome Hailu 
November 09, 2007 
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